check_kdc

Works well allthough the documentation is pretty lacking. I had to change the path to kinit in the script to: /usr/bin/kinit Otherwise it worked out of the box. Great!

Here is a patch to make it authenticate using Kerberos password as well and not just keytab. I have also hard-coded the path for utils.sh as it was in a different location from where I stored this plugin. So modify utils.sh path according to your environment. 4a5 > # Modified by Rahul Amaram 12d12 . /usr/lib/nagios/plugins/utils.sh 23a25 > -w, --password=PASSWORD Password for the principal 54a57 > -w|--password) shift; password=$1; shift;; 61c64 if [ -z "$kdc" -o -z "$principal" ] || [ -z "$keytab" -a -z "$password" ]; then 92c95,99 &1` --- > if [ -n "$password" ]; then > err=`KRB5_CONFIG=$conf expect -c "log_user 0; spawn kinit -c "$cc" "$principal"; expect -re "Password for .*: "; send "$passwordr"; expect eof; send_user "\$expect_out(buffer)"; catch wait result; exit [lindex \$result 3]"` > else > err=`KRB5_CONFIG=$conf kinit -c "$cc" -k -t "$keytab" "$principal" 2>&1` > fi 98c105 echo "CRITICAL Getting Kerberos ticket: `echo $err | sed -r 's/^.*?kinit:s*//' | head -n 1`"